Category Archives: EN

Online security info for gmail

This is the e-mail I received form  Dashlane. I deeply concern my online security presence. Take a glimpse.

 5 million Google accounts reported compromised – Here’s what to do

 

Dear  Dashlane users,On Wednesday, it was reported that 5 million login and password combinations for compromised Google accounts were posted online by cyber thieves.

We built a tool that allows you to easily check if your Google accounts are part of the breach.

We strongly recommend that you check your Google accounts and immediately take steps to secure them if necessary.
Stay safe!
– The  Dashlane. Team

There is a proved high rated solution: click here ->DAHSLANE             or copy and paste this link in your browser https://www.dashlane.com/en/cs/3bb92d23                                           Next step –  Enter your email address in corresponding field and then sign up with this email to get $15 (i.e. 6 months) of free Dashlane Premium!                                                                                                                           Thank you in advance for using my referral number. I will get same as you – 6 months of free Dashlane Premium.

“The company Dashlane has won many accolades and recognition, including:

 

 

Online security info

 

This is the e-mail I received form  Dashlane. I deeply concern my online security presence. Take a glimpse.

 

Dear  Dashlane users,On August 5th, it was reported that a Russian hacker group, dubbed CyberVor by Hold Secuirty, has amassed over 4.5 billion stolen personal records. Usernames and passwords from over 420,000 websites are among the stolen data, and it’s reported that half a billion of those records are said to be unique email addresses.Massive data breaches like this are alarming, and so we want to reassure you:
Your Dashlane accounts remain safe.
Your Master Passwords are never transmitted.
Your data is always ciphered locally using AES-256 encryption, even when transmitted.
At this time, there is no available list of sites that were breached. Some of the breached sites may still be vulnerable. In this situation, our advice is as follows:
Make sure you’re not reusing passwords anywhere – especially your Master Password, which should always be unique to Dashlane.
To be on the safe side, reset passwords for the accounts that are most important to you (email, financial, e-commerce sites that have your payment info, accounts that are personal to you).
Enable 2-factor authentication wherever possible.
Resetting passwords on sites that are still vulnerable will not secure that account from another breach on the website’s side. Since it’s unknown which sites are still vulnerable as of now, it’s better to play it safe and update your passwords.We’ll continue to follow this story and update you as more information becomes available. You can also visit the  Dashlane Threat Center or our blog for more information.We’re glad that you’ve chosen to secure your passwords in Dashlane. We hope that you’ll share your solution with others, as there’s no time like the present to start using a password manager.Stay safe!

There is a proved high rated solution: click here ->DAHSLANE             or copy and paste this link in your browser https://www.dashlane.com/en/cs/3bb92d23                                           Next step –  Enter your email address in corresponding field and then sign up with this email to get $15 (i.e. 6 months) of free Dashlane Premium!                                                                                                                           Thank you in advance for using my referral number. I will get same as you – 6 months of free Dashlane Premium.

“The company Dashlane has won many accolades and recognition, including:

 

 

Info about FAKE SITE FOR2BILL.COM

Info about FAKE SITE FOR2BILL.COM

Fake site
Fake site

Address lookup

canonical name for2bill.com.
aliases
addresses 216.224.161.87

Domain Whois record

Queried whois.internic.net with “dom for2bill.com“…

   Domain Name: FOR2BILL.COM
   Registrar: HICHINA ZHICHENG TECHNOLOGY LTD.
   Whois Server: grs-whois.hichina.com
   Referral URL: http://www.net.cn
   Name Server: DNS17.HICHINA.COM
   Name Server: DNS18.HICHINA.COM
   Status: ok
   Updated Date: 21-nov-2013
   Creation Date: 21-nov-2013
   Expiration Date: 21-nov-2014

>>> Last update of whois database: Sun, 15 Jun 2014 20:27:18 UTC <<<

Queried grs-whois.hichina.com with “for2bill.com“…

Domain Name: for2bill.com
Registry Domain ID: 
Registrar WHOIS Server: whois.hichina.com
Registrar URL: http://www.net.cn/
Updated Date: 2013-11-21T07:33:58Z
Creation Date: 2013-11-21T07:33:58Z
Registrar Registration Expiration Date: 2014-11-21T07:33:58Z
Registrar: HICHINA ZHICHENG TECHNOLOGY LTD.
Registrar IANA ID: 420
Registrar Abuse Contact Email: abuse@list.alibaba-inc.com
Registrar Abuse Contact Phone: +86.1064242299
Reseller: 
Domain Status: 
Registry Registrant ID: whois-protect
Registrant Name: WHOIS AGENT
Registrant Organization: DOMAIN WHOIS PROTECTION SERVICE
Registrant Street: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China
Registrant City: Beijing
Registrant State/Province: Beijing
Registrant Postal Code: 100120
Registrant Country: CN
Registrant Phone: +8610.64242266
Registrant Phone Ext: 
Registrant Fax: +8610.84138796
Registrant Fax Ext: 
Registrant Email: domainadm@hichina.com
Registry Admin ID: whois-protect
Admin Name: WHOIS AGENT
Admin Organization: DOMAIN WHOIS PROTECTION SERVICE
Admin Street: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China
Admin City: Beijing
Admin State/Province: Beijing
Admin Postal Code: 100120
Admin Country: CN
Admin Phone: +8610.64242266
Admin Phone Ext: 
Admin Fax: +8610.84138796
Admin Fax Ext: 
Admin Email: domainadm@hichina.com
Registry Tech ID: whois-protect
Tech Name: WHOIS AGENT
Tech Organization: DOMAIN WHOIS PROTECTION SERVICE
Tech Street: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China
Tech City: Beijing
Tech State/Province: Beijing
Tech Postal Code: 100120
Tech Country: CN
Tech Phone: +8610.64242266
Tech Phone Ext: 
Tech Fax: +8610.84138796
Tech Fax Ext: 
Tech Email: domainadm@hichina.com
Name Server: dns17.hichina.com
Name Server: dns18.hichina.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2014-06-15T20:27:34Z <<<

Registry Billing ID: whois-protect
Billing Name: WHOIS AGENT
Billing Organization: DOMAIN WHOIS PROTECTION SERVICE
Billing Street: 3/F.,HiChina Mansion,No.27 Gulouwai Avenue,Dongcheng District,Beijing 100120,China
Billing City: Beijing
Billing State/Province: Beijing
Billing Postal Code: 100120
Billing Country: CN
Billing Phone: +8610.64242266
Billing Phone Ext: 
Billing Fax: +8610.84138796
Billing Fax Ext: 
Billing Email: domainadm@hichina.com

Important Reminder: Per ICANN 2013RAA`s request, Hichina has modified domain names`whois format of dot com/net/cc/tv, you could refer to section 1.4 posted by ICANN on http://www.icann.org/en/resources/registrars/raa/approved-with-specs-27jun13-en.htm#whois

Network Whois record

Queried whois.arin.net with “n ! NET-216-224-161-0-1“…

NetRange:       216.224.161.0 - 216.224.161.255
CIDR:           216.224.161.0/24
OriginAS:       AS4355
NetName:        ELNK-CLOUD
NetHandle:      NET-216-224-161-0-1
Parent:         NET-216-224-128-0-1
NetType:        Reallocated
RegDate:        2012-12-11
Updated:        2012-12-11
Ref:            http://whois.arin.net/rest/net/NET-216-224-161-0-1

OrgName:        SoftCom America Inc.
OrgId:          SOFTC-8
Address:        1100 Pittsford Victor Rd.
City:           Pittsford
StateProv:      NY
PostalCode:     14534
Country:        US
RegDate:        2010-05-05
Updated:        2013-05-10
Ref:            http://whois.arin.net/rest/org/SOFTC-8

OrgTechHandle: RAJAN1-ARIN
OrgTechName:   Rajanayagam, Ted 
OrgTechPhone:  +1-416-957-7432 
OrgTechEmail:  tedr@softcom.com
OrgTechRef:    http://whois.arin.net/rest/poc/RAJAN1-ARIN

OrgAbuseHandle: ABUSE3309-ARIN
OrgAbuseName:   Abuse Team
OrgAbusePhone:  +1-416-957-7401 
OrgAbuseEmail:  abuse@softcom.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/ABUSE3309-ARIN

OrgNOCHandle: RAJAN1-ARIN
OrgNOCName:   Rajanayagam, Ted 
OrgNOCPhone:  +1-416-957-7432 
OrgNOCEmail:  tedr@softcom.com
OrgNOCRef:    http://whois.arin.net/rest/poc/RAJAN1-ARIN

DNS records

name class type data time to live
for2bill.com IN A 216.224.161.87 3600s (01:00:00)
for2bill.com IN SOA
server: dns17.hichina.com
email: hostmaster@hichina.com
serial: 2013120620
refresh: 10800
retry: 900
expire: 604800
minimum ttl: 3600
3600s (01:00:00)
for2bill.com IN MX
preference: 1
exchange: mx.zohomail.com
3600s (01:00:00)
for2bill.com IN NS dns17.hichina.com 3600s (01:00:00)
for2bill.com IN NS dns18.hichina.com 3600s (01:00:00)
87.161.224.216.in-addr.arpa IN PTR vps-1146411-18904.manage.myhosting.com 3600s (01:00:00)
161.224.216.in-addr.arpa IN SOA
server: ns1.caex.com
email: resellers@softcom.com
serial: 1402838054
refresh: 14400
retry: 7200
expire: 2419200
minimum ttl: 3600
3600s (01:00:00)
161.224.216.in-addr.arpa IN RRSIG
type covered: NSEC (47)
algorithm: RSA/SHA-1 (5)
labels: 5
original ttl: 10800 (03:00:00)
signature expiration: 2014-06-25 16:02:56Z
signature inception: 2014-06-15 16:02:56Z
key tag: 26063
signer’s name: 216.in-addr.arpa
signature:
(1024 bits)
A21F1BDEA9035F0B5ACEA8154E977376
14D0B50F1DC4B9D34B9A52D7CED03EF6
88414B366D3BABA8F9531F1F3EEB2ADE
197BCF07BC3CFF056476D0D9847982B3
2EB3A39AE186752DEAC2F248A8804CCE
6DAD81486CB974D1B6EBE9C959660981
B0A0E5AC224B7E0579FFEF893F210202
C8C1B393C62BBB3ECB5B0993EC857651
10800s (03:00:00)
161.224.216.in-addr.arpa IN NSEC
next domain name: 162.224.216.in-addr.arpa
record types: NS RRSIG NSEC
10800s (03:00:00)
161.224.216.in-addr.arpa IN NS ns.caex.com 3600s (01:00:00)
161.224.216.in-addr.arpa IN NS ns2.caex.com 3600s (01:00:00)
161.224.216.in-addr.arpa IN NS ns1.caex.com 3600s (01:00:00)

Traceroute

Tracing route to for2bill.com [216.224.161.87]

hop rtt rtt rtt ip address fully qualified domain name
1 0 0 0 208.101.16.73 208.101.16.73-static.reverse.softlayer.com
2 3 21 9 66.228.118.153 ae11.dar01.sr01.dal01.networklayer.com
3 0 0 0 173.192.18.254 ae14.bbr02.eq01.dal03.networklayer.com
4 0 0 0 157.238.224.229 ae-11.r01.dllstx04.us.bb.gin.ntt.net
5 5 0 0 129.250.2.198 ae-1.r21.dllstx09.us.bb.gin.ntt.net
6 23 31 31 129.250.2.201 ae-4.r21.chcgil09.us.bb.gin.ntt.net
7 29 29 25 129.250.4.202 ae-2.r06.chcgil09.us.bb.gin.ntt.net
8 22 23 27 128.242.186.162 xe-0-3-0-7.r06.chcgil09.us.ce.gin.ntt.net
9 52 55 47 165.121.238.69 user-2injri5.dialup.mindspring.com
10 50 54 49 66.32.0.242 static-66-32-0-242.earthlinkbusiness.net
11 48 51 51 216.224.150.166
12 * * *
13 45 48 37 216.224.161.6
14 43 46 39 216.224.161.87 vps-1146411-18904.manage.myhosting.com

Trace complete

Service scan

FTP – 21 220 ProFTPD 1.3.4a Server (ProFTPD) [216.224.161.87]
SMTP – 25 220 vps-1146411-18904.manage.myhosting.com ESMTP
HTTP – 80 HTTP/1.1 200 OK
Date: Sun, 15 Jun 2014 20:27:41 GMT
Server: Apache
Last-Modified: Wed, 04 Dec 2013 17:09:40 GMT
ETag: "4182a94-9c3-4ecb87a7d1d00"
Accept-Ranges: bytes
Content-Length: 2499
X-Powered-By: PleskLin
Connection: close
Content-Type: text/html
POP3 – 110 +OK Hello there. <17535.1402864062@localhost.localdomain>
IMAP – 143 * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION STARTTLS]
* BYE Disconnected for inactivity.

— end —

How to get better online security

How to manage and strengthen your passwords?

Generated strong passwords aren’t easy to remember. Try to remember this password “ZP$kfd%289_@tp[,qnhjx”. It is not an easy task 🙂                                                                                                                                        You must not write them down on paper, smartphone or any device.    YOU MUST REMEMBER PASSWORDS or USE PROPER TOOL.

There is a proved high rated solution: click here ->DAHSLANE             or copy and paste this link in your browser https://www.dashlane.com/en/cs/3bb92d23                                          Next step –  Enter your email address in corresponding field and then sign up with this email to get $15 (i.e. 6 months) of free Dashlane Premium!                                                                                                                           Thank you in advance for using my referral number. I will get same as you – 6 months of free Dashlane Premium.

Few reasons why I use it:                                                                                                  1. Keeping track of my passwords and making them secure is startlingly simple with Dashlane’s free password manager.                            2. Automatically import my passwords from any browser into my secure password vault.                                                                                                    3. Save any missing passwords as I browse.                                                          4. Make a new password right within my browser.                                          5. Get automatic alerts when websites get breached, compromised, attacked.                                                                                                                                      6. I can generate strong passwords in a click.                                            7. And with Dashlane’s auto-login, I will never have to type any password on any of my devices again. It’s that simple.                                  8. It is obsolete in identifying  the dangerously weak or reused passwords that are stored in my password vault, and see what accounts hackers may have compromised.                                                          9. Manage and use any passwords on all my devices with.                        10 .There is no record of master encryption key anywhere but my head.                                                                                                                                            11. All my information is locally stored or universally synchronized   and encrypted with AES-256, and more than 10,000 iterations of PBKDF2.

“The company Dashlane has won many accolades and recognition, including:

 

“For2Bill.com” or “PES*FOR2BILL.COM SHENZHEN” Credit cards fraud

Unauthorized withdrawal of money from credit cards

How to know if your card is used inappropriately.                                         Practice which is now used is  to drain regularly a little amount of money. I give an example with a VISA card issued by UBB.

1. Look at your online (Internet) banking and check for any transaction in CNY – Chinese yuan worth 9,96 CNY. In your currancy about 1.17 EUR; 1.61 USD; 0.95 GBP; 163.79 JPY. Look at the picture for reference, or browse for this merchant in your transactions list.

"PES*FOR2BILL.COM SHENZHEN       CNY    9.96"

VISA

2. If you don’t have online (Internet) banking, look at your paper statement and search for the aforementioned merchant or call your bank to ask them for information.

What to do if you find that your card has been used illegally.

1. Call immediately the issuing bank and ask the card to be blocked or do it through online (Internet) banking.

2. As soon as possible submit a written application to dispute the unauthorized withdrawal of money by the card issuing bank.

3. Follow the bank procedures meanwhile stand up for your rights.

If this information was usefull, you have a similar case with another site or merchant, card issuing bank does not understand the problem, please share your experience.